Prolexic Quarterly Global DDoS Attack Report Q2 2013 www.prolexic.com
May 06, 2015
Prolexic Quarterly Global DDoS Attack Report Q2 2013
www.prolexic.com
2www.prolexic.com
Prolexic Global DDoS Attack Report: Q2 2013
• What happened in Q2 2013?– Average bandwidth reached 49.24 Gigabits per
second (Gbps)– Packet-per-second (pps) rate averaged 47.4 million– Average attack duration increase to 38 hours– DDoS attacks got bigger, stronger and longer
May 2013 www.prolexic.com
3www.prolexic.com
Bigger DDoS attacks
• 17 percent of attacks exceeded 60 Gbps in Q2
4www.prolexic.com
Emerging DDoS trends
• Identified trends:– Targeting of Internet service providers (ISPs) and
carrier-router infrastructures– High average packets-per-second (pps) • Average pps exceeds the capacity of most DDoS
mitigation equipment• Even routers carrying traffic to DDoS mitigation
equipment would be strained at this level• See full report for details on pps trends
5www.prolexic.com
Analysis of DDoS attack types in Q2 2013
• 74.7 percent of attacks targeted infrastructure • Favored attack types were:– SYN: 33 percent (infrastructure)– ICMP: 15 percent (infrastructure)– UDP: 10 percent (infrastructure)– HTTP GET: 21 percent (application)
• Download the full report for percentages and graphs by attack type, including attack volume and trends
6www.prolexic.com
DDoS attack frequency in Q2 2013
• Prolexic mitigated more DDoS attacks than ever in Q2 2013
• April was the busiest month: 39.7% percent of all attacks
• April 8-14 and April 15-21 were the most active weeks
7www.prolexic.com
DDoS attack frequency in Q2 2013 vs. Q2 2012
• The chart shows the percent change in the number of attacks by week from Q2 2012 to Q2 2013
9www.prolexic.com
Case study: 167 Gbps DrDoS attack
• The largest attack that Prolexic has mitigated• Leveraged misconfigured DNS servers for
distributed reflection denial of service (DrDoS) attack
• Used amplification tactics to increase strength• Attackers probably used a DDoS-as-a-service
stresser or booter suite with root/system-level access
• Get the Q2 2013 DDoS Attack Report for specific attack vectors and traffic distribution used in this attack
10www.prolexic.com
Prolexic Global DDoS Attack Report: Q2 2013
• Download the Prolexic Q2 2013 Global DDoS Attack Report for:– Average and trends in attack duration and bandwidth
– Total number and trends of attacks by type
– In-depth case studies
– Year-over-year and quarter-over-quarter comparisons
– A look forward at emerging DDoS trends
• Prolexic Technologies is the world’s largest and most trusted distributor of DDoS protection and mitigation services.
• Prolexic Security and Engineering Response Team (PLXsert) monitors the global malicious cyber threats and actively analyzes DDoS attacks using proprietary techniques and equipment.